Jump to content


Honorary Members
  • Content Count

  • Joined

  • Last visited

About alvarnell

  • Rank
    Macintosh Guru

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. "-i" is a custom argument or parameter that is passed to the RTProtectionDaemon who's meaning is unknown to me. I don't know why Activity Monitor has chosen to display that instead of "RTProtectionDaemon." Temporary files are constantly being created and deleted by multiple processes, both macOS and 3rd part programs, in areas that are being scanned, so no there is nothing you can do to change that and it's perfectly normal.
  2. alvarnell

    Why Are These Files A Threat?

    As long as they are not labeled as a "PUP", you should assume they are definitely some sort of threat, although most these days are adware which are mostly annoying rather than being up to some malicious, nefarious behavior. The identification methods for malware are very specific so it would be a real rarity for anything so identified to be a False Positive. PUPs are somewhat different, because you may find their usefulness to override the negative aspects that many Mac users have experienced. You just need to be fully aware of what the specific action you are asking them to perform is doing to your computer. They have been known to do more harm than good for some inexperienced users. Here is a blog article describing PUPs and how to avoid them https://blog.malwarebytes.com/101/2016/02/how-to-avoid-potentially-unwanted-programs/. If you google the name of the threat, you can probably learn more about it as most use the common name of that threat family. If you still have questions about any of them post the name here and I'm sure I can describe it for you.
  3. Please read through an perform the actions outlined in this pinned article in the Mac Malware Removal Help and Support Forum
  4. alvarnell

    ABC News is being blocked.

    If I were in charge, I woul certainly be in favor of blocking all url shorteners since the only way to know where you will land is to activate preview mode for that shortening service to see wher you are being redirected to. Most people don't do that and some services don't offer it. Way too easy to use these to maliciously redirect users to fake sites.
  5. alvarnell


    I believe so. Here's the previous reply I couldn't locate earlier:
  6. alvarnell


    Elsewhere, it was stated that all .info sites are blocked due to the number of such sites involved in malicious behavior. Good sites have to be whitelisted.
  7. Not sure what you mean by "send". Normally, you just download it to each device and use the registration e-mail to license each one. For your phone you simply need to open the App Store app and search for Malwarebytes, same as you would do for any iDevice app.
  8. alvarnell

    iOS beta invite

    The iOS Beta has been oversubscribed for several months now. You will need to wait for something to open up in order to receive an invitation.
  9. WPA originally used two forms of encryption TKIP & AES, but the former was easily cracked and is now deprecated and no longer considered secure. WPA2 has mandatory use of AES but can still fall back to TKIP for backward compatibility. That's why David specified AES. Usually selecting WPA/WPA2 will use the latter, but you are probably better off having chosen WPA2 to be sure that's what you are getting.
  10. When you run a scan, detect threats and authorize their removal, they are moved to a special Malwarebytes folder called Quarantine. Threats which have been moved into Quarantine cannot harm your computer. They are neutralized as part of the Quarantine process, and can be processed further at any time. When real-time protection detects a threat, that threat is also moved to the Quarantine folder. If you want to inspect the contents of the Quarantine folder, click Show Quarantine on the Quarantine screen. That will open a new system window showing the contents of the Quarantine folder. That system window is only there for your inspection. If you wish to delete the contents of the Quarantine folder, you should click Clear Quarantine in the MalwarebytesQuarantine screen. You will be presented with a confirmation window before the deletion takes place. Sometimes your computer must be restarted to complete remediation of threats that were detected. Restarts necessitated by real-time protection detections will show a notification. If a restart is required to complete remediation of threats detected during a scan, the a different notification is shown instead. When a restart is required, please remember to save all work before clicking Restart. At what point does Malwarebytes not give you the option to remove it? If you get an error message, exactly what does it say? If possible provide a screen shot. Findzip hasn't been seen very often for awhile now, so this may be something relatively new. What is the name of the file(s) moved to Quarantine? Don't clear it until we know if it's something new. The only reference I could find to wQqxiSfg was this question last month, but was never resolved
  11. alvarnell

    transferring licence

    I've been told that new licenses can be transferred to Windows, Mac, or Android. Not sure whether your MBA would need to be decertified or not, but if you run into a problem when you do get your Windows Machine, file a help ticket to get instructions.
  12. This is almost certainly not being caused by anything on your MBP. Such popups are commonly caused by a javascript embedded in an advertisement on the site you went to, so called "malvertising". Such sites subscribe to an advertising service that occasionally has one of it's rotating advertisements infected which causes that popup. They are perfectly harmless as long as you don't take any action on what it is telling you. Eventually the ad goes away along with the persistent script. Sounds like everything is back to normal. Command-option-escape should give you a Force Quit Applications window that you can use to force quite Safari. Or you can hold the option key down while clicking on the Safari icon in the Dock and selecting "Force Quit" from the resulting menu. Then hold the shift key down when re-launching Safari to prevent it from re-opening windows and tabs. Shift-Control-Option-Power key is used to reset SMC after a reboot, so not surprising that this didn't result in a shut down. Command-Control-Power key will force a reboot. Command-Control-Media Eject button will quit all apps and restart. Command-Option-Control-Power Button will force a quick shutdown or you can hold down the option key and select "Shutdown" from the Apple menu.
  13. alvarnell

    Additional PC's not Apple

    You will definitely need to download the Windows version of Malwarebytes on your Laptop. If you have a “Premium for Home” license, then it should be good for up to three computers, but if it is a “Premium for You” then you will need an additional license. You might want to contact sales to see if you can change your license as that would save you money.
  14. alvarnell

    Newbie wonders about this file?

    Used cautiously by a knowledgable user that understands exactly what he or she is doing, it can be a useful tool. Novice users should avoid it as it can easily do more harm than good if used blindly or when no problem exists. Almost everything it does is either already accomplished normally by macOS or with a little effort can be done using Apple or free 3rd party utilities. As such, some scanners classify it as a PUP or PUA (Potentially Unwanted Programs/Application). The missing plist isn't really a factor or an issue here. See https://support.malwarebytes.com/docs/DOC-1121 for Malwarebytes official explanation.
  15. Since the Chrome Extension is still in beta and the screen grab clearly shows that you are using that in attempting to access your website, it certainly sounds like the staff member correctly moved your posting to the forum where it could be most quickly and efficiently acted upon. Your issue is very much related to Malwarebytes for Chrome and not necessarily a wider issue with a non-beta False Positive.

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.